-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Technical Cyber Security Alert TA04-336A
Update for Microsoft Internet Explorer HTML Elements Vulnerability
Original release date: December 1, 2004
Last revised: --
Source: US-CERT
Systems Affected
Microsoft Windows systems running
* Internet Explorer versions 6 and later (see MS04-040 for affected
software and components)
* Other programs that host the WebBrowser ActiveX control
Overview
Microsoft Security Bulletin MS04-040 contains an update to fix a
buffer overflow vulnerability in Internet Explorer.
I. Description
TA04-315A describes a buffer overflow vulnerability in Microsoft
Internet Explorer HTML elements that could allow a remote attacker to
execute arbitrary code. Note that any program that hosts the
WebBrowser ActiveX control could be affected. Microsoft Security
Bulletin MS04-040 contains an update to fix this vulnerability.
The vulnerability is described in further detail in VU#842160.
II. Impact
By convincing a user to view a specially crafted HTML document (e.g.,
a web page or an HTML email message), an attacker could execute
arbitrary code with the privileges of the user. The attacker could
also cause IE to crash.
Reports indicate that this vulnerability is being exploited by
malicious code referred to as MyDoom.{AG,AH,AI} or Bofra.
III. Solution
Install an update
Install the appropriate update according to Microsoft Security
Bulletin MS04-040. For additional information about the update,
including possible adverse effects, please see Microsoft Knowledge
Base articles 889293 and 889669.
Appendix A. References
* Microsoft Security Bulletin MS04-040 -
<http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx>
* MS04-040: Cumulative Security Update for Internet Explorer (IE 6.0
SP1) - <http://support.microsoft.com/kb/889293>
* An update rollup is available for Internet Explorer 6 SP1 -
<http://support.microsoft.com/kb/889669>
* US-CERT Technical Cyber Security Alert TA04-315A -
<http://www.us-cert.gov/cas/techalerts/TA04-315A.html>
* Vulnerability Note VU#842160 -
<http://www.kb.cert.org/vuls/id/842160>
* About the Browser (Internet Explorer - WebBrowser) -
<http://msdn.microsoft.com/workshop/browser/overview/Overview.asp>
_________________________________________________________________
Feedback can be directed to the authors: Will Dormann and Art Manion.
Send mail to <cert@xxxxxxxx>.
Please include the Subject line "TA04-336A Feedback VU#842160".
_________________________________________________________________
Copyright 2004 Carnegie Mellon University.
Terms of use: <http://www.us-cert.gov/legal.html>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA04-336A.html>
_________________________________________________________________
Revision History
December 1, 2004: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQa5IqhhoSezw4YfQAQK9ZAf7BHn69m5KRp64ePmJii0a1UCmZLimEdoF
16f11YLjUZljUvCjDD21pPv0jiPYY5cmFcHXZdlpovu/x6FnxuNvmV0GUYGENy27
qSzBt6aHc2oAHsouxb77x9ZIlg/k6+yjX82HqcR9+ITIXDx5SfTEz4jJsCJ86I7y
UTZqpMSQIniE8QDJ2VsoVnLylvC1RqgUCEXf+/526XDu/udIpQ+pahuewNUy+bgH
cj28U7WnjEAI9X/dgmCKu9znTtSfFL0Lm1YxDvF/tH1+q/9z9KmdldT16HbGPjJO
K0xbbFkpgKy9apXTF3MOzlb/ehXMXLgOwV37IXCD49TAhQy2FBe5CQ==
=w9cf
-----END PGP SIGNATURE-----
